It is the responsibility of the Asset Administrator to add partitions to Safeguard for Privileged Passwords. When you create a new partition, Safeguard for Privileged Passwords creates a corresponding default profile with default schedules and rules. For more information, see Setting a default profile..
To add a partition
- Navigate to Asset Management > Partitions.
- Click New Partition from the toolbar.
- In the Partition dialog, enter the following information:
-
Name: Enter a unique name for the partition. Limit: 50 characters.
-
Description: (Optional) Enter information about this partition. Limit: 255 characters.
-
Click OK to save the partition.
When you create a new partition, Safeguard for Privileged Passwords creates a corresponding default profile with default schedules and rules. You can:
Use the Assets tab on the Partitions view to add one or more assets to a partition. When you assign an asset to a partition, all the accounts associated with that asset are assigned to that partition, as well.
You can only assign an asset to one partition at a time. When you assign an asset to a partition, all accounts associated with that asset are automatically reassigned to that partition, as well. Then, any new accounts you add for that asset are automatically assigned to that partition.
You can reassign the asset to another partition either from the scope of the other partition or from an asset's General properties. For more information, see Assigning an asset to a partition..
When you associate an asset to a partition, all the accounts associated with that asset, are also added to the scope of that partition. For more information, see About profiles..
To add assets to a partition
- Navigate to Asset Management > Partitions.
- In Partitions, select a partition from the object list and click Edit.
- Open the Assets tab.
- Click Add Asset from the details toolbar.
- On the Select assets to add to partition dialog, select one or more assets.
-
Click Select Assets.
If you do not see the asset you are looking for and are an Asset Administrator, you can create it in the dialog by clicking New Asset. For more information, see Adding an asset.
On the web client, use the Accounts tab on the Partitions view to add an account to a partition.
You can manage tasks and services on a domain controller (DC) asset. For more information, see Using a domain controller (DC) asset..
To add an account to an asset
-
Navigate to Asset Management > Partitions.
-
Select a partition and click View Details.
-
Open the Accounts tab.
- Click New Account from the details toolbar.
-
In the Select the asset for the new account dialog, select an asset to associate with this account then click Select Asset.
-
In the New Account dialog, enter the following information:
-
On the General tab:
-
On the Management tab:
-
Enable Password Request: This check box is selected by default, indicating that password release requests are enabled for this account. Clear this option to prevent someone from requesting the password for this account. By default, a user can request the password for any account in the scope of the entitlements in which they are an authorized user.
-
Enable Session Request: This check box is selected by default, indicating that session access requests are enabled for this account. Clear this option to prevent someone from requesting session access using this account. By default, a user can make an access request for any account in the scope of the entitlements in which they are an authorized user.
-
Available for use across all partitions (Only available for some types of directory accounts): When selected, any partition can use this account and the password is given to other administrators. For example, this account can be used as a dependent account or a service account for other assets. Potentially, you may have assets that are running services as the account, and you can update those assets when the service account changes. If not selected, partition owners and other partitions will not know the account exists. Although archive servers are not bound by partitions, this option must be selected for the directory account for the archive server to be configured with the directory account.
-
Click OK.
You cannot remove assets from a partition.
You can reassign the asset to another partition either from the scope of the other partition or from an asset's General properties. For more information, see Assigning an asset to a partition..
When you associate an asset to a partition, all the accounts associated with that asset, are also added to the scope of that partition. For more information, see About profiles..